Re: [exim] Open relay?

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Oliver Heesakkers
Date:  
À: exim-users
Sujet: Re: [exim] Open relay?
Op di 14 feb 2012 15:43:00 schreef Ralph Ballier:
> Hello,
>
> one of my server with exim 4.77 seems to be an open relay, but I mean I had
> configured all right. I use smtp authentication and suppose, that hackers
> had found out username and password of a legal user. Is it possible to
> logging all information floating from mail client to server? I hope to get
> the username which give access to the server.
>
> Or do you mean, there is an other reason for open relay?
>
> Raba


The login name and authorisation _is_ logged in the standard configuration
(the string preceded with 'A='). Also in standard configuration your box would
not be an open relay.

If no 'A=' string is present in the log for the outgoing mail, you might want
to check is there is a 'U=' string which would signify that a user is
submitting these mails locally (website, compromised local user).

Some snippets from you log would help us greatly in any further investigation.